Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,793
Erlang
29
GitHub Actions
16
Go
1,710
Maven
4,947
npm
3,475
NuGet
605
pip
3,001
Pub
10
RubyGems
828
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+

1,066 advisories

Uncontrolled resource consumption vulnerability in XAMPP Windows, versions 7.3.2 and earlier.... High Unreviewed
CVE-2024-5055 was published May 17, 2024
Denial of Service (DoS) vulnerability for Cerberus Enterprise 8.0.10.3 web administration. The... High Unreviewed
CVE-2024-5052 was published May 17, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE... High Unreviewed
CVE-2024-4438 was published May 8, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE... High Unreviewed
CVE-2024-4437 was published May 8, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE... High Unreviewed
CVE-2024-4436 was published May 8, 2024
Minder's GitHub Webhook Handler vulnerable to DoS from un-validated requests High
CVE-2024-34084 was published for github.com/stacklok/minder (Go) May 7, 2024
AdamKorcz DavidKorczynski
Remote denial of service vulnerability in LAN Messenger affecting version 3.4.0. This... High Unreviewed
CVE-2024-4599 was published May 7, 2024
go-ethereum vulnerable to DoS via malicious p2p message High
CVE-2024-32972 was published for github.com/ethereum/go-ethereum (Go) May 6, 2024
Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service... High Unreviewed
CVE-2023-39477 was published May 3, 2024
Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service... High Unreviewed
CVE-2023-27334 was published May 3, 2024
Yamux Memory Exhaustion Vulnerability via Active::pending_frames property High
CVE-2024-32984 was published for yamux (Rust) May 1, 2024
jxs marten-seemann
AgeManning
Denial of service condition in M-Files Server in versions before 24.4.13592.4 and after 23.11 ... High Unreviewed
CVE-2024-4056 was published Apr 26, 2024
An incomplete fix was shipped for the Rapid Reset (CVE-2023-44487/CVE-2023-39325) vulnerability... High Unreviewed
CVE-2023-6596 was published Apr 25, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.5 before 16... High Unreviewed
CVE-2024-2829 was published Apr 25, 2024
A Denial of Service (DoS) vulnerability exists in the mintplex-labs/anything-llm repository when... High Unreviewed
CVE-2024-3569 was published Apr 10, 2024
DHCP Server Service Denial of Service Vulnerability High Unreviewed
CVE-2024-26215 was published Apr 9, 2024
DHCP Server Service Denial of Service Vulnerability High Unreviewed
CVE-2024-26212 was published Apr 9, 2024
QUIC's Connection ID Mechanism vulnerable to Memory Exhaustion Attack High
CVE-2024-22189 was published for github.com/quic-go/quic-go (Go) Apr 2, 2024
marten-seemann
IBM Common Cryptographic Architecture (CCA) 7.0.0 through 7.5.36 could allow a remote user to... High Unreviewed
CVE-2023-47150 was published Mar 26, 2024
XNIO denial of service vulnerability High
CVE-2023-5685 was published for org.jboss.xnio:xnio-api (Maven) Mar 22, 2024
grosario1
Memory leaks in code encrypting and verifying RSA payloads High
CVE-2024-1394 was published for github.com/golang-fips/go (Go) Mar 20, 2024
qmuntal r3kumar
tls-listener affected by the slow loris vulnerability with default configuration High
CVE-2024-28854 was published for tls-listener (Rust) Mar 15, 2024
conradludgate
Microsoft Security Advisory CVE-2024-21392: .NET Denial of Service Vulnerability High
CVE-2024-21392 was published for Microsoft.NETCore.App.Runtime.linux-arm (NuGet) Mar 12, 2024
r3kumar TAINA-AntonyBingham
A vulnerability in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS... High Unreviewed
CVE-2024-20321 was published Feb 29, 2024
Connection leaking on idle timeout when TCP congested High
CVE-2024-22201 was published for org.eclipse.jetty.http2:http2-common (Maven) Feb 26, 2024
luffy1949
ProTip! Advisories are also available from the GraphQL API